package com.jidong.test_springboot.web;

import java.io.IOException;
import java.util.Date;
import java.util.List;

import javax.servlet.ServletException;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator.Builder;
import com.auth0.jwt.algorithms.Algorithm;
import com.jidong.test_springboot.dao.UserDao;
import com.jidong.test_springboot.entity.User;
import com.jidong.test_springboot.shiro.JwtToken;
import com.jidong.test_springboot.vo.ResultData;
@RestController
@RequestMapping("user/")
public class UserServlet{

	@Autowired
	private UserDao dao;

	@RequestMapping("login.do")
	@ResponseBody
	public ResultData login(String username,String password) {
		
		//创建话题
		Subject sub=SecurityUtils.getSubject();
		//创建一个token
		//UsernamePasswordToken token=new UsernamePasswordToken(username,password);
		
		//生成jwt的token
		Builder builder=JWT.create();
		builder.withClaim("username", username);//给jwt携带用户信息
		builder.withClaim("password",password);//给jwt携带用户信息
		Date date=new Date(System.currentTimeMillis()+1000*60*15);
		builder.withExpiresAt(date);//jwt过期时间
		Algorithm algorithm=Algorithm.HMAC256(password);//给任意一个字符串生成一个加密串作为签名 我们这里用密码
		String token=builder.sign(algorithm);//生成秘钥
		
		//AuthenticationToken 类型是login需要的
		sub.login(new JwtToken(token));//如果登录失败就会抛出异常，如果登录成功就会往下执行代码
		
		
		ResultData result=new ResultData();
		result.setCode(200);
		result.setMsg("登录成功");
		result.setObj("{token:"+token+"}");//把token给前端，前端下次登录的携带该token
		return result;
	}

	@RequestMapping("regist.do")
	public ResultData regist(String username,String password,String gender,int age)  {
		User u = new User(username, gender, age,password);
		int result = dao.insert(u);

		if (result > 0) {
			return new ResultData().setCode(200).setMsg("注册成功");
		} else {
			return new ResultData().setCode(200).setMsg("注册失败");
		}
	}

	
	@RequiresRoles({"guanliyuan"})
	@RequestMapping("list.do")
	@ResponseBody
	public ResultData list()  {
		List<User> users = dao.selectList(null);
		 return new ResultData().setCode(200).setObj(users);
	}

	@RequestMapping("update.do")
	@RequiresRoles({"guanliyuan"})
	public ResultData update(String username,String password,String gender,int age,int id) throws IOException, ServletException {
		User u = new User(id, username, gender, age, password);
		int r=dao.updateById(u);
		if(r>0) {
			return new ResultData().setCode(200).setMsg("更新成功");
		}else {
			return new ResultData().setCode(200).setMsg("更新失败");
		}

	}

	@RequestMapping("delete.do")
	@RequiresRoles({"guanliyuan"})
	public ResultData delete(int id) throws IOException, ServletException {
		int r=dao.deleteById(id);
		if(r>0) {
			return new ResultData().setCode(200).setMsg("更新成功");
		}else {
			return new ResultData().setCode(200).setMsg("更新失败");
		}

	}

}
